2 # ============LICENSE_START=======================================================
3 # Copyright (C) 2022 Nordix Foundation.
4 # ================================================================================
5 # Licensed under the Apache License, Version 2.0 (the "License");
6 # you may not use this file except in compliance with the License.
7 # You may obtain a copy of the License at
9 # http://www.apache.org/licenses/LICENSE-2.0
11 # Unless required by applicable law or agreed to in writing, software
12 # distributed under the License is distributed on an "AS IS" BASIS,
13 # WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
14 # See the License for the specific language governing permissions and
15 # limitations under the License.
17 # SPDX-License-Identifier: Apache-2.0
18 # ============LICENSE_END=========================================================
34 externalName: keycloak.local
68 imagePullPolicy: IfNotPresent
69 command: ['sh', '-c', 'until nc -vz postgres 5432; do echo waiting for postgres db; sleep 2; done;']
70 serviceAccountName: keycloak
73 image: quay.io/keycloak/keycloak:latest
74 imagePullPolicy: IfNotPresent
78 - name: KEYCLOAK_PASSWORD
80 - name: KEYCLOAK_HTTPS_PORT
82 - name: PROXY_ADDRESS_FORWARDING
84 - name: MANAGEMENT_USER
85 value: "wildfly-admin"
86 - name: MANAGEMENT_PASSWORD
88 - name: INGRESS_ENABLED
102 - name : X509_CA_BUNDLE
103 value: /etc/x509/https/rootCA.crt
111 path: /auth/realms/master
114 - name: keycloak-certs
115 mountPath: /etc/x509/https
117 - name: keycloak-certs
119 path: /var/keycloak/certs
122 apiVersion: networking.istio.io/v1alpha3
128 istio: ingressgateway # use istio default ingress gateway
145 apiVersion: networking.istio.io/v1alpha3
148 name: keycloak-tls-vs
161 host: keycloak.default.svc.cluster.local
165 apiVersion: networking.istio.io/v1beta1
175 - name: "keycloak-routes"
183 host: keycloak.default.svc.cluster.local